Advertisement
Researchers from Kaspersky discovered a new version of the Mandrake Android spyware in five app on Google Play, totaling over 32,000 downloads between 2022 and 2024.
Researchers from Bitdefender discovered the high-sophisticated Android spyware Mandrake in 2022, while investigating highly targeted attacks against specific devices. The original Mandrake campaign had two major infection waves, in 2016–2017 and 2018–2020.
Mandrake allows attackers to gain complete control over an infected device and exfiltrate sensitive data, it also implements a kill-switch feature (a special command called seppuku (Japanese form of ritual suicide)) that wipes all victims’ data and leaves no trace of malware.